Authorizing Users

Once a user is authenticated, the level of authorization determines
what operations can be performed. A user's authorization is based on his role. For example, a human resources application may authorize
managers to view personal employee information for all employees, but allow
employees to view only their own personal information. For more on roles,
see Understanding Users, Groups, Roles, and Realms.